Blog | Mac malware — what you need to know

MacBook users are increasingly being targeted by malware. This year's SophosLabs Malware Forecast found that Mac malware is often technically sneaky and geared towards harvesting data, giving thieves covert remote access, and holding files for ransom.

Other types of malware include the FileCode ransomware, written in the Swift programming language, a relatively recent programming environment that comes from Apple.

FileCode drops text files telling users to pay bitcoins to the crook and to leave their computer connected to the Internet, so that the cybercriminal can access it remotely and unscramble the users’ files within 24 hours.

However, there are simple ways for Apple users to avoid falling prey to FileCode:

1. Stay away from websites claiming to help you bypass the licensing checks built into commercial software, as FileCode is usually planted on software piracy sites, masquerading as cracking tools for mainstream commercial software products.

2. FileCode uses an encryption algorithm that can almost certainly be defeated without paying the ransom. Hence, if you have the original, unencrypted copy of one of the files that ended up scrambled, there is a high chance that you can use free tools to “crack” the decryption key and recover the files yourself.

Recently, SophosLabs has identified a new piece of Mac ransomware, popularly known as MacRansom, which is reported as an example of ransomware-as-a-service (RaaS). This means that someone with no coding experience could also easily make money by distributing the ransomware to accomplices.

How does MacRansom work?

The malware installs itself quietly to run under the user’s account, rather than as a system-wide program. Users are unlikely to notice its presence because it is given a seemingly common name, similar to that of an official macOS file.

Once the malware is activated, it begins to encrypt the user’s files and offers a decryption key at a price. As this malware targets files on attached hard disks, USB keys and other removable drives, it is recommended to keep at least one recent backup copy offline, and off-site as well.
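
One way a defender could look for the disguise described above, an item installed under the user's account with an Apple-looking name, is sketched below as an added example (not code from this article or from SophosLabs). It assumes the per-user install is a launch agent in `~/Library/LaunchAgents`, which the article does not state; all file names and labels are constructed samples.

```python
import plistlib
import tempfile
from pathlib import Path

APPLE_PREFIX = "com.apple."  # Apple's own agents ship in /System/Library/LaunchAgents

def program_of(plist):
    """Executable a launch agent starts: Program, else ProgramArguments[0]."""
    args = plist.get("ProgramArguments") or [""]
    return str(plist.get("Program") or args[0])

def audit_user_agents(agent_dir, home):
    """Flag per-user launch agents that borrow an Apple-looking name (a heuristic)."""
    findings = []
    for path in sorted(Path(agent_dir).glob("*.plist")):
        try:
            with path.open("rb") as fh:
                plist = plistlib.load(fh)
            label, program = str(plist.get("Label", "")), Path(program_of(plist))
        except Exception as exc:  # damaged or non-plist file: report it and keep scanning
            findings.append({"file": path.name, "issue": f"unreadable: {type(exc).__name__}"})
            continue
        if not (label.startswith(APPLE_PREFIX) or path.name.startswith(APPLE_PREFIX)):
            continue
        findings.append({
            "file": path.name, "issue": "Apple-style name in a per-user location",
            "program": str(program),
            "runs_from_home": Path(home) in program.parents, "hidden_program": program.name.startswith("."),
        })
    return findings

def demo():
    """Audit constructed sample agents in a temporary directory (not real indicators)."""
    with tempfile.TemporaryDirectory() as tmp:
        home = Path(tmp)
        agents = home / "Library" / "LaunchAgents"
        agents.mkdir(parents=True)
        samples = {
            "com.example.updater.plist": {"Label": "com.example.updater",
                                          "ProgramArguments": ["/opt/example/updater"]},
            "com.apple.sample-helper.plist": {"Label": "com.apple.sample-helper",
                                              "Program": str(home / "Library" / ".sample-helper")},
        }
        for name, body in samples.items():
            (agents / name).write_bytes(plistlib.dumps(body))
        (agents / "broken.plist").write_bytes(b"not a plist")
        return audit_user_agents(agents, home)

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

On a real Mac, `audit_user_agents(Path.home() / "Library" / "LaunchAgents", Path.home())` runs the same check; a hit is a reason to inspect the item, not proof of infection.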
